{"id":845213,"date":"2021-05-06T08:00:00","date_gmt":"2021-05-06T12:00:00","guid":{"rendered":"https:\/\/www.iotforall.com\/?p=102292"},"modified":"2021-05-06T08:00:00","modified_gmt":"2021-05-06T12:00:00","slug":"knock-out-the-6-biggest-threats-to-your-cellular-iot-devices","status":"publish","type":"station","link":"https:\/\/platodata.io\/plato-data\/knock-out-the-6-biggest-threats-to-your-cellular-iot-devices\/","title":{"rendered":"\u00ad\u00ad\u00adKnock Out the 6 Biggest Threats to Your Cellular IoT Devices"},"content":{"rendered":"\n
\n
\"Cellular
Illustration: \u00a9 IoT For All<\/figcaption><\/figure>\n<\/div>\n

The upsurge of Internet of Things (IoT) solutions has been both a boost and a bane. It has revolutionized entire industries, powering everything from smart cities to AgriTech. On the other hand, IoT devices\u2019 dependence on cellular connectivity has resulted in introducing new and unprotected endpoints.<\/p>\n

The bottom line?<\/p>\n

IoT device connectivity is both a strength and a weakness. While such connectivity enables services and applications that positively impact a business, it also puts the devices, the networks upon which they operate, and the organizations themselves at risk. What makes cellular IoT devices unique is that they are vulnerable on multiple fronts.<\/p>\n

Who are the main culprits in attacks on cellular IoT devices? Count on your usual collection of classic cybercriminals \u2013 hackers, terrorists, criminals, and script kiddies \u2013 each motivated by money, challenge, politics, fun, or a combination.<\/p>\n

IoT Dangers Posed by Threat Actors<\/strong><\/h2>\n

Device Manipulation <\/strong><\/h3>\n

Functionality attacks exploit device or network system loopholes to access control functions, which impacts service operation, spreads botnets, or starts denial-of-service attacks<\/a> \u2013 overwhelming the IoT device and network.<\/p>\n

During battery drain attacks, threat actors access the network gateway where the device resides and \u201cwake up\u201d a battery system component far more frequently than necessary, draining the batteries and requiring them to be constantly replaced \u2013 a costly situation.<\/p>\n

Data Channel Rerouting Attacks<\/strong> <\/h3>\n

Attackers can sniff out and tamper with sensitive information by altering the path of the data on its way to or from the attacked device in the cellular network.<\/p>\n

This can be done by maliciously altering the Access Point Name (APN) registered on the device, revealing the gateway from the cellular network to the open Internet; intervening in Domain Name Server (DNS) resolution to control the IP address resolved for the APN, and utilizing a Man-in-the-Middle<\/a> fake cell tower to change the IP address of the requested DNS server. Also known as eavesdropping attacks, these can massively disrupt supply chains or even risk lives.<\/p>\n

IoT Devices as Attack Tools<\/strong> <\/h3>\n

Hackers can use IoT devices themselves as a gateway to exploit device vulnerabilities to enter a company\u2019s internal systems to steal data, trade secrets, and other critical information. They can employ poorly protected IoT devices to launch distributed denial of service (DDoS) attacks, shutting down some or all aspects of a company\u2019s operations.<\/p>\n

Denial of Service (DoS)<\/strong> <\/h3>\n

Attackers can take devices offline by flooding them with information that triggers a crash, disconnects manufacturing and monitoring systems, halts electricity production, or prevents access to the systems via a targeted DoS attacks.<\/p>\n

They can exploit flaws in the cellular network\u2019s connectivity protocols to impersonate the identity of another legitimate device connected to the service, flood the network to deny service to other endpoints, and disrupt an ENTIRE organization or nation with non-targeted DoS attacks.<\/p>\n

Lastly, attackers can disable business or national services by disabling the logging service of an IoT device while leaving functionality intact to be used in the next stage of a multi-layered attack \u2013 service DoS attacks.<\/p>\n

Compromise Identity<\/strong><\/h3>\n

ToRPEDO (TRacking via Paging mEssage DistributiOn) attacks allow hackers to recognize a device, find its location, and identify the device owner. IMP4GT attacks help cybercriminals exploit integrity protection flaws in the cellular connectivity protocol to impersonate devices or users and execute uplink and downlink impersonation based on their objectives and opportunities presented by the unsecured network.<\/p>\n

Expose Data Location<\/strong><\/h3>\n

Attackers can track a device\u2019s physical location by exploiting existing flaws in communication protocols like SS7 and Diameter \u2013 and thus endanger valuable assets transported in connected vehicles. They can also discover when a specific device enters a certain geographic location, which may trigger a wider attack to harm devices or business operations in a specific area.<\/p>\n

Protecting Against Attacks<\/strong><\/h2>\n

It is tempting to relegate the cyber threats challenging cellular IoT devices into the same class of risks facing smartphones, which are already being addressed. It is also easy to assume that cellular IoT devices are only exposed to the same attacks on IoT devices<\/a> using LAN or WLAN connections.<\/p>\n

The reality is that it is the coming together of cellular connectivity and unique IoT vulnerabilities that account for the deadly threats that jeopardize businesses, government agencies, mobile network operators, and cellular subscribers themselves.<\/p>\n

To tackle IoT device cybersecurity<\/a>, let\u2019s start with a known point: Cellular IoT devices are uniquely different from other types of endpoint devices like mobile phones and laptops. Unlike them, IoT devices\u2019 operating systems, communication protocols, and applications impact a company\u2019s infrastructure and client deployments or services \u2013 thus challenging IoT service providers to protect both from possible intrusion and disruption.<\/p>\n

IoT device service providers must tackle the security issue from the core of the device outward to address this demand. Yes, they must protect the hardware and perimeter. Still, they must also secure the connectivity layer between the device, the cellular network, and other devices to scalably mitigate threats to all devices, regardless of hardware, software, or usage changes.<\/p>\n

What\u2019s the Solution?<\/h2>\n

So, what is the solution? Experts say there is only one: Identify and protect cellular communication at the first point of entry<\/em>, before it reaches the device, with a network-based solution that:<\/p>\n